RSS (“Rich Site Summary”) feeds are widely used to automatically receive and view current content from favorite websites, either in conjunction with a browser on a desktop or laptop computer, or using a handheld computing device such as a smartphone or tablet. RSS is a web feed format used to publish frequently updated content, such as news, blogs, and postings of digital photographs and videos. A site can use RSS to publish a new digital content item once, allowing all users that subscribe to the given feed to receive and view the published content automatically.
RSS feeds can be read using software typically called an RSS reader, which can be implemented in the form of a browser add-on, embedded within an application such as a personal information manager (for example, Microsoft Outlook® or a similar package from another vendor), or be instantiated as a standalone application running on a desktop computer, a mobile computing device or in the cloud. A user subscribes to a feed by providing its identifier to the RSS reader. This process can be automated for the user, for example by prompting the user to click on a feed icon. The RSS reader checks the feeds the user has subscribed to on a regular basis for new content, based on the refresh schedule of the given feeds, which can be default or user specified. Any new content is downloaded to the user's computing device and displayed to the user. RSS thus allows users to avoid manually checking websites they frequently access. Instead, the user can subscribe to the feeds for the sites of interest, such that all new content is automatically retrieved and provided to the user. Although RSS is currently the most widely used web feed format, other formats are also used in this capacity, such as Atom.
Given the proliferation of frequently updated websites and blogs, people increasingly track their favorite sites via web feeds. As handheld computing devices are becoming widely used, over 60% of tablet and smartphone users subscribe to news feeds on these devices, and this percentage can be expected to increase. Although extremely useful for automatically tracking current updates, web feeds are unfortunately becoming a favorite attack vector for malware. Web feeds such as RSS provide web-based content to users, and as such are vulnerable to attacks that are executed by providing links to sites hosting malware. In other words, the web content obtained via a web feed can be compromised to contain links that, when clicked, lead to sites hosting malicious code or carrying out attacks such as scripting attacks, drive-by downloads and phishing. In some cases, even viewing a malicious link can infect a user's computer, for example in the case of cross-site scripting. Past attacks have been detected in which RSS vulnerabilities have been exploited to infect the computer systems of users in these ways.
It would be desirable to address this issue.
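To make the exposure described above concrete, the following added example (not part of the original text, and not a method the text describes) parses a feed and surfaces, per item, the links that leave the item's own host and any active content embedded in the item body. The feed, host names and the names `audit_feed` and `_Audit` are constructed for illustration; the report only lists what a reader would render, it does not judge whether a link is malicious.

```python
import xml.etree.ElementTree as ET
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample feed (hypothetical hosts, not from a real site).
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Example Blog</title>
<item><title>Clean post</title><link>https://blog.example/post/1</link>
<description>&lt;p&gt;See &lt;a href="https://blog.example/about"&gt;about&lt;/a&gt;&lt;/p&gt;</description></item>
<item><title>Tampered post</title><link>https://blog.example/post/2</link>
<description>&lt;a href="http://downloads.invalid/update.exe"&gt;update&lt;/a&gt;
&lt;img src="x" onerror="alert(1)"&gt;&lt;a href="javascript:void(0)"&gt;more&lt;/a&gt;</description></item>
</channel></rss>"""

class _Audit(HTMLParser):
    """Collects URLs and active-content markers from one item's HTML body."""
    def __init__(self):
        super().__init__()
        self.urls, self.active = [], []

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "iframe", "object", "embed"):
            self.active.append(f"<{tag}>")
        for name, value in attrs:
            value = (value or "").strip()
            if name.startswith("on"):            # inline event handler
                self.active.append(f"{tag}@{name}")
            elif name in ("href", "src"):
                scheme = urlsplit(value).scheme.lower()
                if scheme in ("javascript", "data", "vbscript"):
                    self.active.append(f"{tag}@{name}={scheme}:")
                else:
                    self.urls.append(value)

def audit_feed(xml_text):
    """Return one report per item: off-host URLs and active content found."""
    # ElementTree does not limit entity expansion; for untrusted feeds a
    # hardened parser such as defusedxml is the usual choice.
    channel = ET.fromstring(xml_text).find("channel")
    reports = []
    for item in channel.iter("item"):
        feed_host = urlsplit(item.findtext("link", "").strip()).hostname
        audit = _Audit()
        audit.feed(item.findtext("description", ""))
        audit.close()
        # Relative URLs (hostname None) stay on the item's own host.
        offsite = [u for u in audit.urls
                   if urlsplit(u).hostname not in (None, feed_host)]
        reports.append({"title": item.findtext("title", ""),
                        "offsite_urls": offsite,
                        "active_content": audit.active})
    return reports
```
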